Lucene search

[email protected]CVE-2001-0825

HistoryDec 06, 2001 - 5:00 a.m.

CVE-2001-0825

2001-12-0605:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0825

buffer overflow

xinetd

remote attacks

arbitrary commands

8.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.2%

JSON

Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check.

CPENameOperatorVersion
xinetd:xinetdxinetdle2.3.1
xinetd:xinetdxinetdeq2.1.8.8
xinetd:xinetdxinetdeq2.1.8.9
xinetd:xinetdxinetdeq2.3.0

CPE	Name	Operator	Version
xinetd:xinetd	xinetd	le	2.3.1
xinetd:xinetd	xinetd	eq	2.1.8.8
xinetd:xinetd	xinetd	eq	2.1.8.9
xinetd:xinetd	xinetd	eq	2.3.0

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000406

download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-029-01

www.redhat.com/support/errata/RHSA-2001-092.html

www.securityfocus.com/bid/2971

exchange.xforce.ibmcloud.com/vulnerabilities/6804

8.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.2%

JSON